From 5d859953e393a2539e67df3ce73798e7029cf5b9 Mon Sep 17 00:00:00 2001 From: Jonathan McDowell Date: Mon, 22 Aug 2016 17:35:02 +0100 Subject: [PATCH] Throw away invalid packet data when parsing packets We would detect that a packet wasn't correctly formed, and handle requests to try to allocation too much memory that failed, when parsing keys. However the old partial packet structure was still left around. If we hit an error when parsing an incoming packet make sure it's fully cleaned up. --- parsekey.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/parsekey.c b/parsekey.c index 6255ab8..008248e 100644 --- a/parsekey.c +++ b/parsekey.c @@ -356,10 +356,25 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count, } } - /* Trim the last packet if it doesn't actually exist */ - if (packetend != NULL && (*packetend)->packet == NULL) { - free(*packetend); - *packetend = NULL; + if (packetend != NULL) { + if ((*packetend)->packet != NULL) { + /* If we got an invalid final packet, discard it. */ + if ((*packetend)->packet->data != NULL && + rc != ONAK_E_OK) { + free((*packetend)->packet->data); + (*packetend)->packet->data = NULL; + } + /* If we didn't get any data, clean it up. */ + if ((*packetend)->packet->data == NULL) { + free((*packetend)->packet); + (*packetend)->packet = NULL; + } + } + /* Trim the last packet if it doesn't actually exist */ + if ((*packetend)->packet == NULL) { + free(*packetend); + *packetend = NULL; + } } return (rc); -- 2.39.5